I try to make not editable customer master data (XD01, XD02, FD08...) for users who don't have authorization group. 1 user can modify a defined list of customer.

I want to use "authorization" field in tab "Control data" of the customer master data.

I did the following steps:1. I defined 2 authorization groups in table TBRG for object F_KNA1_BED (X001 and X002)2.In a simple role (via tranbsaction PFCG) I assigned authorization group value X001 for the object F_KNA1_BED for activities create, change, confirm. Role is generated.3.I assigned this role to a test User4. for a customer with the authorization group X002 in the field "authorization" of tab "Control data", the test user can still modify it via XD02.